Mailinglist Archive: opensuse-security (685 mails)

< Previous Next >
RE: [suse-security] How to give access to my DMZ from internal (SuSEfirewall2)
  • From: "Andreas Marbet" <andreas.marbet@xxxxxxxxxxx>
  • Date: Wed, 6 Feb 2002 10:35:04 +0100
  • Message-id: <E68E687297C82A40A146041E67D26B7E0562EF@xxxxxxxxxxxxxxxxxxxxxxx>
> (I think there must be a way to let the internal into the DMZ
> like they came
> from external?)
>
># eth0-addr:10.0.0.100 hooked to ADSL Modem: 10.0.0.138
># eth1-addr:10.3.65.6 internal network
># eth2-addr:192.168.50.1 =DMZ, Mailserver:192.168.50.10
>
>DEV_EXT="ppp0"
>FW_DEV_INT="eth0 eth1"
>FW_DEV_DMZ="eth2"
>FW_ROUTE="yes"
> FW_FORWARD=""
> FW_FORWARD_MASQ="0/0,192.168.50.10,tcp,25 \
> 0/0,19.168.50.10,tcp,80 0/0,192.168.50.10,tcp,143 \
> 0/0,192.168.50.10,tcp,21 0/0,192.168.50.10,tcp,110"

try to put the forwarding rules (INT to DMZ) into FW_FORWARD instead of
FW_FORWARD_MASQ.
for me it worked this way, but I don't know exactly whats the real
difference between these two entries.

Andreas

< Previous Next >
This Thread
Follow Ups